Package edu.uiuc.ncsa.oa2.servlet
Class OA2ATServlet
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- edu.uiuc.ncsa.security.servlet.AbstractServlet
-
- All Implemented Interfaces:
TransactionFilter,edu.uiuc.ncsa.security.core.Logable,Serializable,javax.servlet.Servlet,javax.servlet.ServletConfig
public class OA2ATServlet extends AbstractAccessTokenServlet2
Created by Jeff Gaynor
on 10/3/13 at 2:03 PM- See Also:
- Serialized Form
-
-
Field Summary
-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.servlet.AbstractAccessTokenServlet2
txRecordCleanup
-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.MyProxyDelegationServlet
caThread, kpt, lastAccessedThread, myproxyConnectionCache, myproxyConnectionCleanup, transactionCleanup
-
Fields inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.EnvServlet
ERROR_NOTIFICATION_BODY_KEY, ERROR_NOTIFICATION_SUBJECT_KEY, notificationListeners, storeUpdatesDone
-
-
Constructor Summary
Constructors Constructor Description OA2ATServlet()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected AuthorizationGrantImplcheckAGExpiration(AuthorizationGrant ag)Contract: if the token gets updated (might have to because of changes to token versions), return it.protected List<String>convertToList(javax.servlet.http.HttpServletRequest req, String parameterName)Convert a string or list of strings to a list of them.protected List<URI>convertToURIList(javax.servlet.http.HttpServletRequest req, String parameterName)protected OA2ClientcreateErsatz(edu.uiuc.ncsa.security.core.Identifier provisioningClientID, OA2Client ersatzClient, List<edu.uiuc.ncsa.security.core.Identifier> ersatzChain)Takes a substitution chain and does the overrides.voiddestroy()protected IssuerTransactionStatedoAT(IssuerTransactionState state, OA2Client client)protected IssuerTransactionStatedoAT(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, OA2Client client)protected voiddoIt(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected TransactionStatedoRefresh(OA2Client client, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)protected voiddoRFC8628(OA2Client client, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)device flowprotected booleanexecuteByGrant(String grantType, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)Contains the tests for executing a request based on its grant type.protected ATRequestgetATRequest(javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction, OA2Client client)protected OA2ServiceTransactiongetByRT(RefreshToken refreshToken)protected OA2SEgetOA2SE()protected OA2TokenForgegetTF2()protected ServiceTransactiongetTransaction(AuthorizationGrant ag, javax.servlet.http.HttpServletRequest req)protected StringlistToString(List scopes)voidpreprocess(TransactionState state)Note that if you override this, you should call super, which sets some security-related headers, but touches nothing else.protected voidrollback(edu.uiuc.ncsa.security.storage.XMLMap backup)protected voidrollback(edu.uiuc.ncsa.security.storage.XMLMap backup, TXRecord txRecord)ServiceTransactionverifyAndGet(IssuerResponse iResponse)This is called after the response is received so that the system can get the approproate transaction.-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.servlet.AbstractAccessTokenServlet2
doDelegation, doDelegation, getIssuerTransactionState, getIssuerTransactionState
-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.oauth2.servlet.MultiAuthServlet
getAdminClient, getAdminClient, getClient, getClientSecret, verifyClientSecret
-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.MyProxyDelegationServlet
checkClientApproval, createDebugger, getAGI, getATI, getClient, getClient, getFirstParameters, getGrantIDFromRequest, getMPConnection, getMPConnection, getMyproxyConnectionCache, getMyproxyServices, getServiceEnvironment, getTransaction, getTransactionByGrantID, getTransactionStore, hasMPConnection, hasMPConnection, isEmpty, loadProperties2, newTransaction, postprocess, realStoreUpdates, say, shutdownCleanup, storeUpdates
-
Methods inherited from class edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.EnvServlet
addNotificationListener, loadEnvironment, processStoreCheck, removeNotificationListener
-
Methods inherited from class edu.uiuc.ncsa.security.servlet.AbstractServlet
checkContentType, CONST, debug, doGet, doPing, doPost, error, error, getConfigurationLoader, getEnvironment, getExceptionHandler, getFirstParameterValue, getInitialization, getMyLogger, handleException, info, init, isDebugOn, printAllParameters, printAllParameters, resetState, setConfigurationLoader, setDebugOn, setEnvironment, setExceptionHandler, setInitialization, warn
-
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doHead, doOptions, doPut, doTrace, getLastModified, service, service
-
-
-
-
Method Detail
-
destroy
public void destroy()
- Specified by:
destroyin interfacejavax.servlet.Servlet- Overrides:
destroyin classMyProxyDelegationServlet
-
preprocess
public void preprocess(TransactionState state) throws Throwable
Description copied from class:MyProxyDelegationServletNote that if you override this, you should call super, which sets some security-related headers, but touches nothing else.- Specified by:
preprocessin interfaceTransactionFilter- Overrides:
preprocessin classMyProxyDelegationServlet- Throws:
Throwable
-
executeByGrant
protected boolean executeByGrant(String grantType, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws Throwable
Contains the tests for executing a request based on its grant type. over-ride this as needed by writing your code then calling super. Returntrueis the request is serviced and false otherwise. This is invoked in thedoIt(HttpServletRequest, HttpServletResponse)method. If a grant is given' that is not supported in this method, the servlet should reject the request, as per the OAuth 2 spec.- Parameters:
request-response-- Throws:
Throwable
-
createErsatz
protected OA2Client createErsatz(edu.uiuc.ncsa.security.core.Identifier provisioningClientID, OA2Client ersatzClient, List<edu.uiuc.ncsa.security.core.Identifier> ersatzChain)
Takes a substitution chain and does the overrides. Any int or long < 0 is assumed unset and is skipped.- Parameters:
provisioningClientID-ersatzClient-ersatzChain-- Returns:
-
convertToList
protected List<String> convertToList(javax.servlet.http.HttpServletRequest req, String parameterName)
Convert a string or list of strings to a list of them. This is for lists of space delimited values The spec allows for multiple value which in practice can also mean that a client makes the request with multiple parameters, so we have to snoop for those and for space delimited strings inside of those. This is used by RFC 8693 and specific to it.- Parameters:
req-parameterName-- Returns:
-
convertToURIList
protected List<URI> convertToURIList(javax.servlet.http.HttpServletRequest req, String parameterName)
-
doIt
protected void doIt(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws Throwable- Overrides:
doItin classAbstractAccessTokenServlet2- Throws:
Throwable
-
getATRequest
protected ATRequest getATRequest(javax.servlet.http.HttpServletRequest request, ServiceTransaction transaction, OA2Client client)
- Specified by:
getATRequestin classAbstractAccessTokenServlet2
-
checkAGExpiration
protected AuthorizationGrantImpl checkAGExpiration(AuthorizationGrant ag)
Description copied from class:AbstractAccessTokenServlet2Contract: if the token gets updated (might have to because of changes to token versions), return it. If no changes, return null.- Specified by:
checkAGExpirationin classAbstractAccessTokenServlet2- Returns:
-
getOA2SE
protected OA2SE getOA2SE()
-
doAT
protected IssuerTransactionState doAT(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, OA2Client client) throws Throwable
- Throws:
Throwable
-
doAT
protected IssuerTransactionState doAT(IssuerTransactionState state, OA2Client client) throws Throwable
- Throws:
Throwable
-
getByRT
protected OA2ServiceTransaction getByRT(RefreshToken refreshToken) throws IOException
- Throws:
IOException
-
getTF2
protected OA2TokenForge getTF2()
-
doRefresh
protected TransactionState doRefresh(OA2Client client, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) throws Throwable
- Throws:
Throwable
-
rollback
protected void rollback(edu.uiuc.ncsa.security.storage.XMLMap backup) throws IOException- Throws:
IOException
-
rollback
protected void rollback(edu.uiuc.ncsa.security.storage.XMLMap backup, TXRecord txRecord) throws IOException- Throws:
IOException
-
verifyAndGet
public ServiceTransaction verifyAndGet(IssuerResponse iResponse) throws IOException
Description copied from class:MyProxyDelegationServletThis is called after the response is received so that the system can get the approproate transaction. Checks for the validity of the transaction should be done here too.- Specified by:
verifyAndGetin classMyProxyDelegationServlet- Returns:
- Throws:
IOException
-
getTransaction
protected ServiceTransaction getTransaction(AuthorizationGrant ag, javax.servlet.http.HttpServletRequest req) throws javax.servlet.ServletException
- Specified by:
getTransactionin classAbstractAccessTokenServlet2- Throws:
javax.servlet.ServletException
-
-